Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Strengthening Europol’s mandate: cooperation with private parties, processing of personal data, and support for research and innovation

2020/0349(COD)

The European Parliament adopted by 480 votes to 143, with 20 abstentions a legislative resolution on the proposal for a regulation of the European Parliament and of the Council amending Regulation (EU) 2016/794, as regards Europol’s cooperation with private parties, the processing of personal data by Europol in support of criminal investigations, and Europol’s role on research and innovation.

The European Union Agency for Law Enforcement Cooperation (Europol) is an EU agency with a crucial role in police cooperation. The proposed regulation aims to strengthen Europol's resources to better support Member States in their fight against new threats and modus operandi.

The European Parliament's first-reading position under the ordinary legislative procedure amends the Commission's proposal as follows.

Research and innovation

Given the challenges posed to the security of the Union by rapid technological developments and the exploitation of new technologies by terrorists and other criminals, the Regulation mandates Europol to assist Member States in using emerging technologies, exploring new approaches and developing common technological solutions to enable them to prevent and combat more effectively the forms of crime which fall within Europol's objectives.

At the same time, Europol should ensure that the development, use and deployment of new technologies are guided by the principles of transparency, explainability, fairness and accountability, do not undermine fundamental rights and freedoms and are in compliance with Union law.

Processing of large data sets

The data collected in the context of criminal investigations has grown in size and complexity. Member States, through their own data analysis, cannot always detect cross-border links.

Under the draft regulation, Europol should be able to process large and complex data sets to support Member States in their fight against serious crime and terrorism. The draft also contains strict requirements to ensure that any data processing by Europol is always in line with fundamental rights, including the right to privacy, as the regulation is aligned with the EU data protection regulation.

Transitional arrangements

In the draft Regulation, a new article has been introduced to further clarify the situation of data currently in the possession of Europol. A transitional measure will allow Member States, the European Public Prosecutor's Office and Eurojust to inform Europol that they wish to apply the new Europol mandate in respect of such data. Europol would, in that case, be able to continue to support investigations based on these data. In general, the text aims at reconciling the efficiency of the agency with full compliance with data protection rules.

Cooperation with private parties

In order to prevent and combat forms of crime falling within Europol's objectives, Europol should support Member States' actions aimed at effectively combating the dissemination of terrorist content in the context of online crisis situations arising from current or recent real events, as well as the online dissemination of child pornography.

Due to the increased use of online services by criminals, private parties hold increasing amounts of personal data, including subscriber, traffic and content data, which are potentially useful for criminal investigations.

Under the draft regulation, Europol should be able to receive personal data directly from private parties, thus providing a contact point at EU level to legally share data sets from several authorities. Europol should then analyse these datasets in order to identify the Member States concerned and forward the information to national authorities.

Cooperation with third countries

The draft regulation extends the scope for Europol to cooperate with third countries. It introduces the possibility to exchange personal data with countries where appropriate safeguards have been provided for in a legally binding instrument or exist based on a self-assessment carried out in the framework of Europol.

In the absence of an adequacy decision, the Management Board may authorise Europol to transfer personal data to a competent authority of a third country or to an international organisation where: (i) appropriate safeguards with regard to the protection of personal data are provided for in a legally binding instrument; or (ii) Europol has assessed all the circumstances surrounding the transfer of personal data and has concluded that appropriate safeguards exist with regard to the protection of personal data.

Cooperation with the European Public Prosecutor’s Office (EPPO)

Europol should work closely with the EPPO and support the investigations of the EPPO, upon its request. Europol should also report to the EPPO without delay any criminal conduct which falls under the EPPO’s competence. To enhance the operational cooperation between the two bodies, the draft regulation also sets down the rules for access to Europol’s data by the EPPO.

SIS alerts

Europol should be able to propose to Member States, on the basis of information received from third countries or international organisations, to enter alerts in the Schengen Information System (SIS) for information in the interest of the Union on persons involved in terrorist activities or serious crime.

Own-initiative investigations

The new mandate should allow the Executive Director of Europol to propose opening a national investigation into non-cross-border crimes affecting a common interest covered by an EU policy. It should be up to the national authorities to decide whether or not to comply with this request.